Lucene search

[email protected]CVE-2008-2401

HistoryJun 04, 2008 - 8:32 p.m.

CVE-2008-2401

2008-06-0420:32:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-2401

admin server

sun java

active server pages

asp

remote attack

file append

security vulnerability

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.3%

JSON

The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to append to arbitrary new or existing files via the first argument to a certain file that is included by multiple unspecified ASP applications.

CPENameOperatorVersion
sun:java_active_serversun java active servereq4.0.2

CPE	Name	Operator	Version
sun:java_active_server	sun java active server	eq	4.0.2

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=705

secunia.com/advisories/30523

sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1

www.securitytracker.com/id?1020186

www.vupen.com/english/advisories/2008/1742/references

exchange.xforce.ibmcloud.com/vulnerabilities/42832

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.3%

JSON

Related for CVE-2008-2401

securityvulns2 prion1 cvelist1 nessus2